Re: security_definer_search_path GUC

Marko Tiikkaja <marko@joh.to>

From: Marko Tiikkaja <marko@joh.to>
To: Joel Jacobson <joel@compiler.org>
Cc: Pavel Stehule <pavel.stehule@gmail.com>, PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2021-06-02T16:36:39Z
Lists: pgsql-hackers

Commits

Same data as JSON: GET /api/v1/messages/:b64id/commits the thread's linked commits as JSON, with link sources. API reference →
  1. Create a new GUC variable search_path to control the namespace search

On Wed, Jun 2, 2021 at 3:46 PM Joel Jacobson <joel@compiler.org> wrote:

> If a database object is to be accessed unqualified by all users, isn't the
> 'public' schema a perfect fit for it? How will it be helpful to create
> different database objects in different schemas, if also adding all such
> schemas to the search_path so they can be accessed unqualified? In such a
> scenario you risk unintentionally creating conflicting objects, and
> whatever schema happened to be first in the search_path will be resolved.
> Seems insecure and messy to me.
>

Heh.  This is actually exactly what I wanted to do.

The use case is: version upgrades.  I want to be able to have a search_path
of something like 'pg_catalog, compat, public'.  That way we can provide
compatibility versions of newer functions in the "compat" schema, which get
taken over by pg_catalog when running on a newer version.  That way all the
compatibility crap is clearly separated from the stuff that should be in
"public".


.m